Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit82a794f

Browse files
authored
correct json format, delete time, file permission, lock permission (microsoft#28)
* correct json format, delete time, file permission, lock permission* change naming to lock owner
1 parent75b27af commit82a794f

File tree

10 files changed

+85
-210
lines changed

10 files changed

+85
-210
lines changed

‎apache2/apache2_config.c‎

Lines changed: 21 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1200,6 +1200,19 @@ static const char *cmd_waf_instanceId(cmd_parms *cmd,
12001200

12011201
returnNULL;
12021202
}
1203+
1204+
staticconstchar*cmd_waf_lock_owner(cmd_parms*cmd,
1205+
void*_dcfg,constchar*p1)
1206+
{
1207+
1208+
if (cmd->server->is_virtual) {
1209+
return"ModSecurity: SecWafLockOwner not allowed in VirtualHost";
1210+
}
1211+
1212+
msc_waf_lock_owner= (char*)p1;
1213+
1214+
returnNULL;
1215+
}
12031216
#endif
12041217

12051218
staticconstchar*cmd_action(cmd_parms*cmd,void*_dcfg,constchar*p1)
@@ -1531,7 +1544,7 @@ static const char *cmd_data_dir(cmd_parms *cmd, void *_dcfg, const char *p1)
15311544
strcat(wafjsonlog_path,WAF_LOG_UTIL_FILE );
15321545
rc=apr_file_open(&dcfg->wafjsonlog_fd,wafjsonlog_path,
15331546
APR_WRITE |APR_APPEND |APR_CREATE |APR_BINARY,
1534-
CREATEMODE,cmd->pool);
1547+
CREATEMODE |APR_WREAD,cmd->pool);
15351548

15361549
if (rc!=APR_SUCCESS) {
15371550
returnapr_psprintf(cmd->pool,"ModSecurity: Failed to open wafjson log file: %s",
@@ -4032,6 +4045,13 @@ const command_rec module_directives[] = {
40324045
CMD_SCOPE_ANY,
40334046
"Set waf instanceId"
40344047
),
4048+
AP_INIT_TAKE1 (
4049+
"SecWafLockOwner",
4050+
cmd_waf_lock_owner,
4051+
NULL,
4052+
CMD_SCOPE_ANY,
4053+
"Set waf lock owner"
4054+
),
40354055
#endif
40364056
{NULL }
40374057
};

‎apache2/apache2_util.c‎

Lines changed: 3 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -311,21 +311,10 @@ static int write_file_with_lock(apr_global_mutex_t* lock, apr_file_t* fd, char*
311311
returnWAF_LOG_UTIL_SUCCESS;
312312
}
313313

314-
staticchar*waf_current_logtime(apr_pool_t*mp) {
315-
apr_time_exp_tt;
316-
chartstr[100];
317-
apr_size_tlen;
318-
319-
apr_time_exp_lt(&t,apr_time_now());
320-
321-
apr_strftime(tstr,&len,80,"%Y-%m-%dT%H:%M:%SZ",&t);
322-
returnapr_pstrdup(mp,tstr);
323-
}
324-
325314
/**
326315
* send all waf fields in json format to a file.
327316
*/
328-
staticvoidsend_waf_log(apr_global_mutex_t*lock,apr_file_t*fd,constchar*str1,constchar*ip_port,constchar*uri,constchar*time,intmode,constchar*hostname,request_rec*r) {
317+
staticvoidsend_waf_log(apr_global_mutex_t*lock,apr_file_t*fd,constchar*str1,constchar*ip_port,constchar*uri,intmode,constchar*hostname,request_rec*r) {
329318
intrc=0;
330319
char*json_str;
331320
charwaf_filename[1024]="";
@@ -351,7 +340,7 @@ static void send_waf_log(apr_global_mutex_t* lock, apr_file_t* fd, const char* s
351340
get_short_filename(waf_filename);
352341
get_ruleset_type_version(waf_ruleset_info,waf_ruleset_type,waf_ruleset_version);
353342

354-
rc=generate_json(&json_str,msc_waf_resourceId,WAF_LOG_UTIL_OPERATION_NAME,WAF_LOG_UTIL_CATEGORY,msc_waf_instanceId,waf_ip,waf_port,uri,waf_ruleset_type,waf_ruleset_version,waf_id,waf_message,mode,0,waf_detail_message,waf_data,waf_filename,waf_line,hostname,time);
343+
rc=generate_json(&json_str,msc_waf_resourceId,WAF_LOG_UTIL_OPERATION_NAME,WAF_LOG_UTIL_CATEGORY,msc_waf_instanceId,waf_ip,waf_port,uri,waf_ruleset_type,waf_ruleset_version,waf_id,waf_message,mode,0,waf_detail_message,waf_data,waf_filename,waf_line,hostname);
355344
if (rc==WAF_LOG_UTIL_FAILED) {
356345
#ifAP_SERVER_MAJORVERSION_NUMBER>1&&AP_SERVER_MINORVERSION_NUMBER>2
357346
ap_log_rerror(APLOG_MARK,APLOG_ERR |APLOG_NOERRNO,0,r,
@@ -466,7 +455,7 @@ static void internal_log_ex(request_rec *r, directory_config *dcfg, modsec_rec *
466455
elserequestheaderhostname="";
467456

468457
#ifdefWAF_JSON_LOGGING_ENABLE
469-
send_waf_log(msr->modsecurity->wafjsonlog_lock,dcfg->wafjsonlog_fd,str1,r->useragent_ip ?r->useragent_ip :r->connection->client_ip,log_escape(msr->mp,r->uri),waf_current_logtime(msr->mp),dcfg->is_enabled, (char*)msr->hostname,r);
458+
send_waf_log(msr->modsecurity->wafjsonlog_lock,dcfg->wafjsonlog_fd,str1,r->useragent_ip ?r->useragent_ip :r->connection->client_ip,log_escape(msr->mp,r->uri),dcfg->is_enabled, (char*)msr->hostname,r);
470459
#endif
471460

472461
#ifAP_SERVER_MAJORVERSION_NUMBER>1&&AP_SERVER_MINORVERSION_NUMBER>2

‎apache2/mod_security2.c‎

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -95,6 +95,7 @@ TreeRoot DSOLOCAL *conn_write_state_suspicious_list = 0;
9595
#ifdefWAF_JSON_LOGGING_ENABLE
9696
charDSOLOCAL*msc_waf_resourceId="";
9797
charDSOLOCAL*msc_waf_instanceId="";
98+
charDSOLOCAL*msc_waf_lock_owner="root";
9899
#endif
99100

100101
#if defined(WIN32)|| defined(VERSION_NGINX)

‎apache2/modsecurity.h‎

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -170,6 +170,7 @@ extern DSOLOCAL int *unicode_map_table;
170170
#ifdefWAF_JSON_LOGGING_ENABLE
171171
externDSOLOCALchar*msc_waf_resourceId;
172172
externDSOLOCALchar*msc_waf_instanceId;
173+
externDSOLOCALchar*msc_waf_lock_owner;
173174
#endif
174175

175176
#defineRESBODY_STATUS_NOT_READ 0/* we were not configured to read the body */

‎apache2/waf_logging/waf_format.pb.cc‎

Lines changed: 27 additions & 89 deletions
Some generated files are not rendered by default. Learn more aboutcustomizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp